Ten years on from the desperate environment that saw the
Sarbanes-Oxley legislation in the US, risk management is the new
panacea to prevent corporate failure. Like regulators around the
ASX Corporate Governance Council has dressed itself in the
LBD of risk without much thought about what it
Overall, the third edition represents an evolution (not
revolution) of the rules and it brings few 'new' changes
(see box). Importantly, it maintains the 'if not, why not'
approach to disclosure in previous editions.
At a glance
Requires more intensive reporting (see below).
Nine new recommendations taking effect for financial years
commencing after 1 July 2014, listed entities should:
undertake appropriate checks before appointing a director and
provide security holders with all material information in its
possession relevant to a decision on whether or not to elect or
have a written agreement with each director and senior
executive setting out the terms of their appointment;
make sure that the company secretary of a listed entity is
accountable directly to the board, through the chair, on all
matters to do with the proper functioning of the board;
have a programme for inducting new directors and provide
appropriate professional development opportunities for directors to
develop and maintain the skills and knowledge needed;
ensure that the external auditor attends its AGM and is
available to answer questions;
provide information about itself and its governance to
investors via its website;
give security holders the option to receive communications
if it has an internal audit function explain how the function
is structured and what role it performs; or if not the processes
for evaluating its risk management processes; and
disclose whether it has any material exposure to economic,
environmental and social sustainability risks and, if it does, how
it manages those risks.
Disclosure may be in either the annual report or on the
Coincides with recommendations by
ASIC on obligations of directors and audit committee
In Australia the Commonwealth Government largely resisted calls
for legislation and the ASX reluctantly emerged as a regulator of
governance matters. Then, many believed that a change in governance
principles would be the answer to future catastrophes.
From a global perspective, ten years on, the OECD still believes
that governance is the key. Now, of course as Gail
Pearson says, "risk is fashionable" and as the
'new black' it means just about whatever you want it to
mean. It should be primarily focused on operational risks like
inadequate systems, management failure, fraud, compliance,
accounting and business strategy. Although when it comes to black
we've also hopefully learned something about Black Swans and
Initially risk management was concerned with a narrow, insurance
based view but it has now moved to a holistic, all risk
encompassing view, commonly termed 'Enterprise Risk
Management'. In that context it means a process applied in
strategy and across the enterprise, designed to identify events
that may affect the entity and manage risks to be within its risk
appetite, to provide assurance regarding the achievement of its
objectives. Combined with internal controls we now have a 'risk
culture' and loads of reporting to go with it. Can these
systems even deal with low probability and high magnitude
Staying with the fashion, the OECD's recent
report reviews the corporate governance framework and risk
management practices in 27 jurisdictions and identifies failures as
varied as Deep Water Horizon, Fukushima, Bhopal and Seveso,
Olympus, Enron, WorldCom, Satyam, Parmalat or the Siemens foreign
bribery scandals as being facilitated by corporate governance
failures, where boards either did not appreciate the risks involved
or had deficient risk management systems.
EMPHASIS ON RISK MANAGEMENT
The new Principles and Recommendations are unthinkingly besotted
with our post GFC focus on risk. For example, recommendation 7.4
provides that an ASX listed entity should disclose whether it has
any material exposure to economic, environmental and social
sustainability risks and, if so, how it manages those risks.
Previously, companies were required to disclose only financial
The OECD believes the cost of risk management failures is often
underestimated. It believes corporate governance should ensure both
financial and non-financial risks are understood, managed and, when
appropriate, communicated. This is consistent with the recent
APRA focus on risk.
Is this a case of "action bias"? As many authors have
noticed it takes unusual courage for a regulator to stand up and
say something must not be done, because often something makes the
While generally shareholders are risk averse, some shareholders
may want to invest in more risky corporates. As
Stephen Bainbridge recognises, the basic corporate law
principle of limited liability is designed to insulate shareholders
from the downside risks of corporate activity. Because shareholders
thus do not put their personal assets at jeopardy, other than the
amount initially invested, they effectively externalise some
portion of the business' total risk exposure to creditors.
Is risk the magic bullet? As Desender
has acknowledged, risk management is a relatively recent construct.
It seems fashion is now demanding we use corporate governance
standards and risk management to ensure corporate compliance with a
range of activities from accounting misfeasance to foreign corrupt
practices and everything in between!
It might be a noble ambition but is it realistic or appropriate?
Have we adopted the new fashion just because it's fashionable?
We ought to remember that no less an arbiter of fashion than Coco
Chanel said that: "Fashion is made to become
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
Most awarded firm and Australian deal of
Australasian Legal Business Awards
Employer of Choice for
Equal Opportunity for Women
in the Workplace (EOWA)
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In the years following the global financial crisis of 2008 many Australian investors lost their life savings as financial products failed and the Australian Stock Exchange shed over 3,000 points.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).